From 19fcd2e1d99a1437a167a1895b9195e7ca3b5b60 Mon Sep 17 00:00:00 2001 From: Meredith Lancaster Date: Tue, 31 Oct 2023 14:51:40 -0600 Subject: [PATCH] fix compile errors Signed-off-by: Meredith Lancaster --- go.mod | 16 ++++++++-------- go.sum | 32 ++++++++++++++++---------------- pkg/api/api.go | 4 ++-- pkg/signer/signer.go | 8 ++++---- 4 files changed, 30 insertions(+), 30 deletions(-) diff --git a/go.mod b/go.mod index 58453f2a..70c27ffe 100644 --- a/go.mod +++ b/go.mod @@ -40,22 +40,22 @@ require ( sigs.k8s.io/release-utils v0.7.6 ) -replace github.com/sigstore/sigstore => github.com/malancas/sigstore v0.0.0-20230919024336-d4939b3b993e +replace github.com/sigstore/sigstore => github.com/malancas/sigstore v0.0.0-20231031155517-ba36e0d7114c -replace github.com/sigstore/sigstore/pkg/signature/kms/aws => github.com/malancas/sigstore/pkg/signature/kms/aws v0.0.0-20230919024336-d4939b3b993e +replace github.com/sigstore/sigstore/pkg/signature/kms/aws => github.com/malancas/sigstore/pkg/signature/kms/aws v0.0.0-20231031155517-ba36e0d7114c -replace github.com/sigstore/sigstore/pkg/signature/kms/azure => github.com/malancas/sigstore/pkg/signature/kms/azure v0.0.0-20230919024336-d4939b3b993e +replace github.com/sigstore/sigstore/pkg/signature/kms/azure => github.com/malancas/sigstore/pkg/signature/kms/azure v0.0.0-20231031155517-ba36e0d7114c -replace github.com/sigstore/sigstore/pkg/signature/kms/gcp => github.com/malancas/sigstore/pkg/signature/kms/gcp v0.0.0-20230919024336-d4939b3b993e +replace github.com/sigstore/sigstore/pkg/signature/kms/gcp => github.com/malancas/sigstore/pkg/signature/kms/gcp v0.0.0-20231031155517-ba36e0d7114c -replace github.com/sigstore/sigstore/pkg/signature/kms/hashivault => github.com/malancas/sigstore/pkg/signature/kms/hashivault v0.0.0-20230919024336-d4939b3b993e +replace github.com/sigstore/sigstore/pkg/signature/kms/hashivault => github.com/malancas/sigstore/pkg/signature/kms/hashivault v0.0.0-20231031155517-ba36e0d7114c require ( cloud.google.com/go v0.110.8 // indirect cloud.google.com/go/compute v1.23.0 // indirect cloud.google.com/go/compute/metadata v0.2.3 // indirect cloud.google.com/go/iam v1.1.2 // indirect - cloud.google.com/go/kms v1.15.3 // indirect + cloud.google.com/go/kms v1.15.4 // indirect cloud.google.com/go/longrunning v0.5.1 // indirect filippo.io/edwards25519 v1.0.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/azcore v1.8.0 // indirect @@ -65,7 +65,7 @@ require ( github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.0.0 // indirect github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1 // indirect github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect - github.com/aws/aws-sdk-go v1.46.3 // indirect + github.com/aws/aws-sdk-go v1.46.7 // indirect github.com/aws/aws-sdk-go-v2 v1.21.2 // indirect github.com/aws/aws-sdk-go-v2/config v1.19.1 // indirect github.com/aws/aws-sdk-go-v2/credentials v1.13.43 // indirect @@ -134,11 +134,11 @@ require ( github.com/ryanuber/go-glob v1.0.0 // indirect github.com/sagikazarmark/locafero v0.3.0 // indirect github.com/sagikazarmark/slog-shim v0.1.0 // indirect + github.com/secure-systems-lab/go-securesystemslib v0.7.0 // indirect github.com/sourcegraph/conc v0.3.0 // indirect github.com/spf13/afero v1.10.0 // indirect github.com/spf13/cast v1.5.1 // indirect github.com/subosito/gotenv v1.6.0 // indirect - github.com/theupdateframework/go-tuf v0.5.2 // indirect github.com/tidwall/pretty v1.2.0 // indirect github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect go.mongodb.org/mongo-driver v1.11.3 // indirect diff --git a/go.sum b/go.sum index 5a3b0aa5..2df8a8aa 100644 --- a/go.sum +++ b/go.sum @@ -33,8 +33,8 @@ cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7 cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= cloud.google.com/go/iam v1.1.2 h1:gacbrBdWcoVmGLozRuStX45YKvJtzIjJdAolzUs1sm4= cloud.google.com/go/iam v1.1.2/go.mod h1:A5avdyVL2tCppe4unb0951eI9jreack+RJ0/d+KUZOU= -cloud.google.com/go/kms v1.15.3 h1:RYsbxTRmk91ydKCzekI2YjryO4c5Y2M80Zwcs9/D/cI= -cloud.google.com/go/kms v1.15.3/go.mod h1:AJdXqHxS2GlPyduM99s9iGqi2nwbviBbhV/hdmt4iOQ= +cloud.google.com/go/kms v1.15.4 h1:gEZzC54ZBI+aeW8/jg9tgz9KR4Aa+WEDPbdGIV3iJ7A= +cloud.google.com/go/kms v1.15.4/go.mod h1:L3Sdj6QTHK8dfwK5D1JLsAyELsNMnd3tAIwGS4ltKpc= cloud.google.com/go/longrunning v0.5.1 h1:Fr7TXftcqTudoyRJa113hyaqlGdiBQkp0Gq7tErFDWI= cloud.google.com/go/longrunning v0.5.1/go.mod h1:spvimkwdz6SPWKEt/XBij79E9fiTkHSQl/fRUUQJYJc= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= @@ -72,8 +72,8 @@ github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= -github.com/aws/aws-sdk-go v1.46.3 h1:zcrCu14ANOji6m38bUTxYdPqne4EXIvJQ2KXZ5oi9k0= -github.com/aws/aws-sdk-go v1.46.3/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= +github.com/aws/aws-sdk-go v1.46.7 h1:IjvAWeiJZlbETOemOwvheN5L17CvKvKW0T1xOC6d3Sc= +github.com/aws/aws-sdk-go v1.46.7/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/aws/aws-sdk-go-v2 v1.21.2 h1:+LXZ0sgo8quN9UOKXXzAWRT3FWd4NxeXWOZom9pE7GA= github.com/aws/aws-sdk-go-v2 v1.21.2/go.mod h1:ErQhvNuEMhJjweavOYhxVkn2RUx7kQXVATHrjKtxIpM= github.com/aws/aws-sdk-go-v2/config v1.19.1 h1:oe3vqcGftyk40icfLymhhhNysAwk0NfiwkDi2GTPMXs= @@ -398,16 +398,16 @@ github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/malancas/sigstore v0.0.0-20230919024336-d4939b3b993e h1:w6W4PtdiTTFK78jlu5c6jddEMBnlv9lDLLST9l1VH4E= -github.com/malancas/sigstore v0.0.0-20230919024336-d4939b3b993e/go.mod h1:p9U+UbdICzTUcOzXf76yW9eVfcsltCJz2dns7W33yfM= -github.com/malancas/sigstore/pkg/signature/kms/aws v0.0.0-20230919024336-d4939b3b993e h1:D5CX5aJr7oN+v2RMdTqBpk0+hiYAusRsb0rx95RA3Us= -github.com/malancas/sigstore/pkg/signature/kms/aws v0.0.0-20230919024336-d4939b3b993e/go.mod h1:OLH55fLYuDRtYCZMyeN/rT9UzgcmHWd1Yo4flr6tOU0= -github.com/malancas/sigstore/pkg/signature/kms/azure v0.0.0-20230919024336-d4939b3b993e h1:+6YcLScf3kCB4r7Nxr1kgtFWySluYNGw5y96kAtowD4= -github.com/malancas/sigstore/pkg/signature/kms/azure v0.0.0-20230919024336-d4939b3b993e/go.mod h1:/UsuTJyJEbGtDjfFjP5a0oUskl96r8dFe4W8+FjJWnM= -github.com/malancas/sigstore/pkg/signature/kms/gcp v0.0.0-20230919024336-d4939b3b993e h1:+L4QH9UFPMuo1TDn7r1kRA+iwwB+1buu9nKNcFwZUDY= -github.com/malancas/sigstore/pkg/signature/kms/gcp v0.0.0-20230919024336-d4939b3b993e/go.mod h1:tKRTrc+5587Q2AMDAajDv1j5/1xvz3xajtqkDyLlYic= -github.com/malancas/sigstore/pkg/signature/kms/hashivault v0.0.0-20230919024336-d4939b3b993e h1:WLFRUZvB0ySuA3Ojt1iWk+4Zz3Y5urYfHJ62YfqW6tc= -github.com/malancas/sigstore/pkg/signature/kms/hashivault v0.0.0-20230919024336-d4939b3b993e/go.mod h1:R+gAZ3uUE3xZbmUHgL8BeAs9po1y4po6/PVwIprJU7A= +github.com/malancas/sigstore v0.0.0-20231031155517-ba36e0d7114c h1:b2CpZnqe6n1R031ZanXjy2LXUA/4pMA6HJ27y3twyjg= +github.com/malancas/sigstore v0.0.0-20231031155517-ba36e0d7114c/go.mod h1:9OCmYWhzuq/G4e1cy9m297tuMRJ1LExyrXY3ZC3Zt/s= +github.com/malancas/sigstore/pkg/signature/kms/aws v0.0.0-20231031155517-ba36e0d7114c h1:OhMuTlILM7k1FcOLTkCTNwz77oAhqlWTCmJNr8jh3WU= +github.com/malancas/sigstore/pkg/signature/kms/aws v0.0.0-20231031155517-ba36e0d7114c/go.mod h1:3pL9u1lz6w1ySi+aKBgsX1gJDyCUhK11LmetPHAUPGA= +github.com/malancas/sigstore/pkg/signature/kms/azure v0.0.0-20231031155517-ba36e0d7114c h1:uekPewfrD3Ds0qByJzxGFvMaNVqmGykzcHQ0HqJbuRE= +github.com/malancas/sigstore/pkg/signature/kms/azure v0.0.0-20231031155517-ba36e0d7114c/go.mod h1:9nJQA5YgWsXrwjrVoVaO8JfTI/TpPF+oAkpkNKZu6lo= +github.com/malancas/sigstore/pkg/signature/kms/gcp v0.0.0-20231031155517-ba36e0d7114c h1:O2KyZSIiEA2fNqVgd2CNd1hAA7QlJbRHkiwj9i3RWeE= +github.com/malancas/sigstore/pkg/signature/kms/gcp v0.0.0-20231031155517-ba36e0d7114c/go.mod h1:NzK4xwhukQnYPyf70yRKuIa6+TFg/boRad/GMJYOAho= +github.com/malancas/sigstore/pkg/signature/kms/hashivault v0.0.0-20231031155517-ba36e0d7114c h1:zx4cjctdObyT3vyqNzxeok/MmbdXDs//CGx9/Jizdkc= +github.com/malancas/sigstore/pkg/signature/kms/hashivault v0.0.0-20231031155517-ba36e0d7114c/go.mod h1:EI9vDWVGG8fQU9aFMY7Bd204xJiqmXcDMSkFifCf16Q= github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE= github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= @@ -472,6 +472,8 @@ github.com/sagikazarmark/locafero v0.3.0 h1:zT7VEGWC2DTflmccN/5T1etyKvxSxpHsjb9c github.com/sagikazarmark/locafero v0.3.0/go.mod h1:w+v7UsPNFwzF1cHuOajOOzoq4U7v/ig1mpRjqV+Bu1U= github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE= github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ= +github.com/secure-systems-lab/go-securesystemslib v0.7.0 h1:OwvJ5jQf9LnIAS83waAjPbcMsODrTQUpJ02eNLUoxBg= +github.com/secure-systems-lab/go-securesystemslib v0.7.0/go.mod h1:/2gYnlnHVQ6xeGtfIqFy7Do03K4cdCY0A/GlJLDKLHI= github.com/sirupsen/logrus v1.4.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= @@ -509,8 +511,6 @@ github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcU github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= -github.com/theupdateframework/go-tuf v0.5.2 h1:habfDzTmpbzBLIFGWa2ZpVhYvFBoK0C1onC3a4zuPRA= -github.com/theupdateframework/go-tuf v0.5.2/go.mod h1:SyMV5kg5n4uEclsyxXJZI2UxPFJNDc4Y+r7wv+MlvTA= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs= github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU= diff --git a/pkg/api/api.go b/pkg/api/api.go index 4191ddb9..8a332900 100644 --- a/pkg/api/api.go +++ b/pkg/api/api.go @@ -36,9 +36,9 @@ import ( type API struct { tsaSigner kms.CryptoSignerWrapper // the signer to use for timestamping + tsaSignerHash crypto.Hash // hash algorithm used to hash pre-signed timestamps certChain []*x509.Certificate // timestamping cert chain certChainPem string // PEM encoded timestamping cert chain - tsaSignerHash crypto.Hash // hash algorithm used to hash pre-signed timestamps } func NewAPI() (*API, error) { @@ -49,7 +49,7 @@ func NewAPI() (*API, error) { return nil, errors.Wrap(err, "error getting hash") } tsaSigner, err := signer.NewCryptoSigner(ctx, tsaSignerHash, - viper.GetString("timestamp-signer"), + signer.SignerScheme(viper.GetString("timestamp-signer")), viper.GetString("kms-key-resource"), viper.GetString("tink-key-resource"), viper.GetString("tink-keyset-path"), viper.GetString("tink-hcvault-token"), diff --git a/pkg/signer/signer.go b/pkg/signer/signer.go index d3bfa50e..e847eb6e 100644 --- a/pkg/signer/signer.go +++ b/pkg/signer/signer.go @@ -36,9 +36,9 @@ type SignerScheme string const ( KMSScheme SignerScheme = "kms" - TinkScheme = "tink" - MemoryScheme = "memory" - FileScheme = "file" + TinkScheme SignerScheme = "tink" + MemoryScheme SignerScheme = "memory" + FileScheme SignerScheme = "file" ) type WrappedSigner interface { @@ -46,7 +46,7 @@ type WrappedSigner interface { HashFunc() crypto.Hash } -func NewCryptoSigner(ctx context.Context, signer SignerScheme, kmsKey, tinkKmsKey, tinkKeysetPath, hcVaultToken, fileSignerPath, fileSignerPasswd string) (WrappedSigner, error) { +func NewCryptoSigner(ctx context.Context, hash crypto.Hash, signer SignerScheme, kmsKey, tinkKmsKey, tinkKeysetPath, hcVaultToken, fileSignerPath, fileSignerPasswd string) (WrappedSigner, error) { switch signer { case MemoryScheme: sv, _, err := signature.NewECDSASignerVerifier(elliptic.P256(), rand.Reader, crypto.SHA256)